AnthoLume/api/api.go

package api

import (
	"crypto/rand"
	"html/template"
	"net/http"

	"github.com/gin-contrib/multitemplate"
	"github.com/gin-contrib/sessions"
	"github.com/gin-contrib/sessions/cookie"
	"github.com/gin-gonic/gin"
	"github.com/microcosm-cc/bluemonday"
	log "github.com/sirupsen/logrus"
	"reichard.io/bbank/config"
	"reichard.io/bbank/database"
)

type API struct {
	Router     *gin.Engine
	Config     *config.Config
	DB         *database.DBManager
	HTMLPolicy *bluemonday.Policy
}

func NewApi(db *database.DBManager, c *config.Config) *API {
	api := &API{
		HTMLPolicy: bluemonday.StrictPolicy(),
		Router:     gin.Default(),
		Config:     c,
		DB:         db,
	}

	// Assets & Web App Templates
	api.Router.Static("/assets", "./assets")

	// Generate Secure Token
	var newToken []byte
	var err error

	if c.CookieSessionKey != "" {
		log.Info("[NewApi] Utilizing Environment Cookie Session Key")
		newToken = []byte(c.CookieSessionKey)
	} else {
		log.Info("[NewApi] Generating Cookie Session Key")
		newToken, err = generateToken(64)
		if err != nil {
			panic("Unable to generate secure token")
		}
	}

	// Configure Cookie Session Store
	store := cookie.NewStore(newToken)
	store.Options(sessions.Options{
		MaxAge:   60 * 60 * 24 * 7,
		Secure:   c.CookieSecure,
		HttpOnly: c.CookieHTTPOnly,
		SameSite: http.SameSiteStrictMode,
	})
	api.Router.Use(sessions.Sessions("token", store))

	// Register Web App Route
	api.registerWebAppRoutes()

	// Register API Routes
	apiGroup := api.Router.Group("/api")
	api.registerKOAPIRoutes(apiGroup)
	api.registerOPDSRoutes(apiGroup)

	return api
}

func (api *API) registerWebAppRoutes() {
	// Define Templates & Helper Functions
	render := multitemplate.NewRenderer()
	helperFuncs := template.FuncMap{
		"GetSVGGraphData": getSVGGraphData,
		"GetUTCOffsets":   getUTCOffsets,
		"NiceSeconds":     niceSeconds,
	}

	// Templates
	render.AddFromFiles("error", "templates/error.html")
	render.AddFromFilesFuncs("activity", helperFuncs, "templates/base.html", "templates/activity.html")
	render.AddFromFilesFuncs("document", helperFuncs, "templates/base.html", "templates/document.html")
	render.AddFromFilesFuncs("documents", helperFuncs, "templates/base.html", "templates/documents.html")
	render.AddFromFilesFuncs("home", helperFuncs, "templates/base.html", "templates/home.html")
	render.AddFromFilesFuncs("login", helperFuncs, "templates/login.html")
	render.AddFromFilesFuncs("search", helperFuncs, "templates/base.html", "templates/search.html")
	render.AddFromFilesFuncs("settings", helperFuncs, "templates/base.html", "templates/settings.html")

	api.Router.HTMLRender = render

	// Static Assets (Required @ Root)
	api.Router.GET("/manifest.json", api.webManifest)
	api.Router.GET("/favicon.ico", api.faviconIcon)
	api.Router.GET("/sw.js", api.serviceWorker)

	// Local / Offline Static Pages (No Template, No Auth)
	api.Router.GET("/local", api.localDocuments)

	// Reader (Reader Page, Document Progress, Devices)
	api.Router.GET("/reader", api.documentReader)
	api.Router.GET("/reader/devices", api.authWebAppMiddleware, api.getDevices)
	api.Router.GET("/reader/progress/:document", api.authWebAppMiddleware, api.getDocumentProgress)

	// Web App
	api.Router.GET("/", api.authWebAppMiddleware, api.createAppResourcesRoute("home"))
	api.Router.GET("/activity", api.authWebAppMiddleware, api.createAppResourcesRoute("activity"))
	api.Router.GET("/documents", api.authWebAppMiddleware, api.createAppResourcesRoute("documents"))
	api.Router.GET("/documents/:document", api.authWebAppMiddleware, api.createAppResourcesRoute("document"))
	api.Router.GET("/documents/:document/cover", api.authWebAppMiddleware, api.getDocumentCover)
	api.Router.GET("/documents/:document/file", api.authWebAppMiddleware, api.downloadDocument)
	api.Router.GET("/login", api.createAppResourcesRoute("login"))
	api.Router.GET("/logout", api.authWebAppMiddleware, api.authLogout)
	api.Router.GET("/register", api.createAppResourcesRoute("login", gin.H{"Register": true}))
	api.Router.GET("/settings", api.authWebAppMiddleware, api.createAppResourcesRoute("settings"))
	api.Router.POST("/login", api.authFormLogin)
	api.Router.POST("/register", api.authFormRegister)

	// Demo Mode Enabled Configuration
	if api.Config.DemoMode {
		api.Router.POST("/documents", api.authWebAppMiddleware, api.demoModeAppError)
		api.Router.POST("/documents/:document/delete", api.authWebAppMiddleware, api.demoModeAppError)
		api.Router.POST("/documents/:document/edit", api.authWebAppMiddleware, api.demoModeAppError)
		api.Router.POST("/documents/:document/identify", api.authWebAppMiddleware, api.demoModeAppError)
		api.Router.POST("/settings", api.authWebAppMiddleware, api.demoModeAppError)
	} else {
		api.Router.POST("/documents", api.authWebAppMiddleware, api.uploadNewDocument)
		api.Router.POST("/documents/:document/delete", api.authWebAppMiddleware, api.deleteDocument)
		api.Router.POST("/documents/:document/edit", api.authWebAppMiddleware, api.editDocument)
		api.Router.POST("/documents/:document/identify", api.authWebAppMiddleware, api.identifyDocument)
		api.Router.POST("/settings", api.authWebAppMiddleware, api.editSettings)
	}

	// Search Enabled Configuration
	if api.Config.SearchEnabled {
		api.Router.GET("/search", api.authWebAppMiddleware, api.createAppResourcesRoute("search"))
		api.Router.POST("/search", api.authWebAppMiddleware, api.saveNewDocument)
	}
}

func (api *API) registerKOAPIRoutes(apiGroup *gin.RouterGroup) {
	koGroup := apiGroup.Group("/ko")

	// KO Sync Routes (WebApp Uses - Progress & Activity)
	koGroup.GET("/documents/:document/file", api.authKOMiddleware, api.downloadDocument)
	koGroup.GET("/syncs/progress/:document", api.authKOMiddleware, api.getProgress)
	koGroup.GET("/users/auth", api.authKOMiddleware, api.authorizeUser)
	koGroup.POST("/activity", api.authKOMiddleware, api.addActivities)
	koGroup.POST("/syncs/activity", api.authKOMiddleware, api.checkActivitySync)
	koGroup.POST("/users/create", api.createUser)
	koGroup.PUT("/syncs/progress", api.authKOMiddleware, api.setProgress)

	// Demo Mode Enabled Configuration
	if api.Config.DemoMode {
		koGroup.POST("/documents", api.authKOMiddleware, api.demoModeJSONError)
		koGroup.POST("/syncs/documents", api.authKOMiddleware, api.demoModeJSONError)
		koGroup.PUT("/documents/:document/file", api.authKOMiddleware, api.demoModeJSONError)
	} else {
		koGroup.POST("/documents", api.authKOMiddleware, api.addDocuments)
		koGroup.POST("/syncs/documents", api.authKOMiddleware, api.checkDocumentsSync)
		koGroup.PUT("/documents/:document/file", api.authKOMiddleware, api.uploadExistingDocument)
	}
}

func (api *API) registerOPDSRoutes(apiGroup *gin.RouterGroup) {
	opdsGroup := apiGroup.Group("/opds")

	// OPDS Routes
	opdsGroup.GET("", api.authOPDSMiddleware, api.opdsEntry)
	opdsGroup.GET("/", api.authOPDSMiddleware, api.opdsEntry)
	opdsGroup.GET("/search.xml", api.authOPDSMiddleware, api.opdsSearchDescription)
	opdsGroup.GET("/documents", api.authOPDSMiddleware, api.opdsDocuments)
	opdsGroup.GET("/documents/:document/cover", api.authOPDSMiddleware, api.getDocumentCover)
	opdsGroup.GET("/documents/:document/file", api.authOPDSMiddleware, api.downloadDocument)
}

func generateToken(n int) ([]byte, error) {
	b := make([]byte, n)
	_, err := rand.Read(b)
	if err != nil {
		return nil, err
	}
	return b, nil
}
Initial Commit 2023-09-18 23:57:18 +00:00			`package api`

			`import (`
			`"crypto/rand"`
			`"html/template"`
			`"net/http"`

			`"github.com/gin-contrib/multitemplate"`
			`"github.com/gin-contrib/sessions"`
			`"github.com/gin-contrib/sessions/cookie"`
			`"github.com/gin-gonic/gin"`
[add] document view, [add] html sanitization, [add] google books metadata enrichment, [improve] db query performance 2023-09-23 02:12:36 +00:00			`"github.com/microcosm-cc/bluemonday"`
			`log "github.com/sirupsen/logrus"`
Initial Commit 2023-09-18 23:57:18 +00:00			`"reichard.io/bbank/config"`
			`"reichard.io/bbank/database"`
			`)`

			`type API struct {`
[add] document view, [add] html sanitization, [add] google books metadata enrichment, [improve] db query performance 2023-09-23 02:12:36 +00:00			`Router *gin.Engine`
			`Config *config.Config`
			`DB *database.DBManager`
			`HTMLPolicy *bluemonday.Policy`
Initial Commit 2023-09-18 23:57:18 +00:00			`}`

			`func NewApi(db database.DBManager, c config.Config) *API {`
			`api := &API{`
[add] editing, deletion, metadata recording 2023-09-23 18:14:57 +00:00			`HTMLPolicy: bluemonday.StrictPolicy(),`
[add] document view, [add] html sanitization, [add] google books metadata enrichment, [improve] db query performance 2023-09-23 02:12:36 +00:00			`Router: gin.Default(),`
			`Config: c,`
			`DB: db,`
Initial Commit 2023-09-18 23:57:18 +00:00			`}`

			`// Assets & Web App Templates`
			`api.Router.Static("/assets", "./assets")`

			`// Generate Secure Token`
[add] document view, [add] html sanitization, [add] google books metadata enrichment, [improve] db query performance 2023-09-23 02:12:36 +00:00			`var newToken []byte`
			`var err error`

			`if c.CookieSessionKey != "" {`
			`log.Info("[NewApi] Utilizing Environment Cookie Session Key")`
			`newToken = []byte(c.CookieSessionKey)`
			`} else {`
			`log.Info("[NewApi] Generating Cookie Session Key")`
			`newToken, err = generateToken(64)`
			`if err != nil {`
			`panic("Unable to generate secure token")`
			`}`
Initial Commit 2023-09-18 23:57:18 +00:00			`}`

			`// Configure Cookie Session Store`
			`store := cookie.NewStore(newToken)`
			`store.Options(sessions.Options{`
[add] better xpath generation, [add] wake lock, [add] device sorting, [fix] better theme management 2023-10-14 01:06:49 +00:00			`MaxAge: 60 * 60 * 24 * 7,`
[add] configurable cookie attribute settings 2023-10-24 22:41:25 +00:00			`Secure: c.CookieSecure,`
			`HttpOnly: c.CookieHTTPOnly,`
Initial Commit 2023-09-18 23:57:18 +00:00			`SameSite: http.SameSiteStrictMode,`
			`})`
			`api.Router.Use(sessions.Sessions("token", store))`

			`// Register Web App Route`
			`api.registerWebAppRoutes()`

			`// Register API Routes`
			`apiGroup := api.Router.Group("/api")`
			`api.registerKOAPIRoutes(apiGroup)`
[add] opds catalog, [add] migrate to non-cgo sqlite driver 2023-10-05 23:56:19 +00:00			`api.registerOPDSRoutes(apiGroup)`
Initial Commit 2023-09-18 23:57:18 +00:00
			`return api`
			`}`

			`func (api *API) registerWebAppRoutes() {`
			`// Define Templates & Helper Functions`
			`render := multitemplate.NewRenderer()`
			`helperFuncs := template.FuncMap{`
[add] tests, [add] refactor epub feat 2023-10-24 00:18:16 +00:00			`"GetSVGGraphData": getSVGGraphData,`
			`"GetUTCOffsets": getUTCOffsets,`
			`"NiceSeconds": niceSeconds,`
Initial Commit 2023-09-18 23:57:18 +00:00			`}`

[add] demo mode 2023-10-31 10:28:22 +00:00			`// Templates`
[add] better error handling, [add] font selector, [add] tailwind generation 2023-10-25 23:52:01 +00:00			`render.AddFromFiles("error", "templates/error.html")`
[add] demo mode 2023-10-31 10:28:22 +00:00			`render.AddFromFilesFuncs("activity", helperFuncs, "templates/base.html", "templates/activity.html")`
			`render.AddFromFilesFuncs("document", helperFuncs, "templates/base.html", "templates/document.html")`
			`render.AddFromFilesFuncs("documents", helperFuncs, "templates/base.html", "templates/documents.html")`
Initial Commit 2023-09-18 23:57:18 +00:00			`render.AddFromFilesFuncs("home", helperFuncs, "templates/base.html", "templates/home.html")`
[add] demo mode 2023-10-31 10:28:22 +00:00			`render.AddFromFilesFuncs("login", helperFuncs, "templates/login.html")`
[add] search 2023-10-07 01:25:56 +00:00			`render.AddFromFilesFuncs("search", helperFuncs, "templates/base.html", "templates/search.html")`
[add] settings (pw & time offset), [fix] PWA issues, [fix] misc styling issues 2023-09-27 22:58:47 +00:00			`render.AddFromFilesFuncs("settings", helperFuncs, "templates/base.html", "templates/settings.html")`
Initial Commit 2023-09-18 23:57:18 +00:00
			`api.Router.HTMLRender = render`

[add] demo mode 2023-10-31 10:28:22 +00:00			`// Static Assets (Required @ Root)`
[add] pwa manifest, [fix] missing koplugin import 2023-09-18 23:57:18 +00:00			`api.Router.GET("/manifest.json", api.webManifest)`
[add] favicon 2023-11-26 00:21:18 +00:00			`api.Router.GET("/favicon.ico", api.faviconIcon)`
[add] service worker & offline reader 2023-10-29 00:07:24 +00:00			`api.Router.GET("/sw.js", api.serviceWorker)`

[add] demo mode 2023-10-31 10:28:22 +00:00			`// Local / Offline Static Pages (No Template, No Auth)`
[fix] login PWA styling, [add] login local link, [add] home local link 2023-10-30 23:23:38 +00:00			`api.Router.GET("/local", api.localDocuments)`
[fix] service worker route regex bug, [add] device selector / creator 2023-11-27 02:41:17 +00:00
			`// Reader (Reader Page, Document Progress, Devices)`
[add] service worker & offline reader 2023-10-29 00:07:24 +00:00			`api.Router.GET("/reader", api.documentReader)`
[fix] service worker route regex bug, [add] device selector / creator 2023-11-27 02:41:17 +00:00			`api.Router.GET("/reader/devices", api.authWebAppMiddleware, api.getDevices)`
			`api.Router.GET("/reader/progress/:document", api.authWebAppMiddleware, api.getDocumentProgress)`
[add] service worker & offline reader 2023-10-29 00:07:24 +00:00
[add] demo mode 2023-10-31 10:28:22 +00:00			`// Web App`
Initial Commit 2023-09-18 23:57:18 +00:00			`api.Router.GET("/", api.authWebAppMiddleware, api.createAppResourcesRoute("home"))`
[fix] map concurrency issue, [add] better logging, [add] activity template, [fix] safari redirect issue, [add] timezone framework 2023-09-21 00:35:01 +00:00			`api.Router.GET("/activity", api.authWebAppMiddleware, api.createAppResourcesRoute("activity"))`
[add] document view, [add] html sanitization, [add] google books metadata enrichment, [improve] db query performance 2023-09-23 02:12:36 +00:00			`api.Router.GET("/documents", api.authWebAppMiddleware, api.createAppResourcesRoute("documents"))`
			`api.Router.GET("/documents/:document", api.authWebAppMiddleware, api.createAppResourcesRoute("document"))`
Initial Commit 2023-09-18 23:57:18 +00:00			`api.Router.GET("/documents/:document/cover", api.authWebAppMiddleware, api.getDocumentCover)`
[add] demo mode 2023-10-31 10:28:22 +00:00			`api.Router.GET("/documents/:document/file", api.authWebAppMiddleware, api.downloadDocument)`
			`api.Router.GET("/login", api.createAppResourcesRoute("login"))`
			`api.Router.GET("/logout", api.authWebAppMiddleware, api.authLogout)`
			`api.Router.GET("/register", api.createAppResourcesRoute("login", gin.H{"Register": true}))`
			`api.Router.GET("/settings", api.authWebAppMiddleware, api.createAppResourcesRoute("settings"))`
			`api.Router.POST("/login", api.authFormLogin)`
			`api.Router.POST("/register", api.authFormRegister)`

			`// Demo Mode Enabled Configuration`
			`if api.Config.DemoMode {`
			`api.Router.POST("/documents", api.authWebAppMiddleware, api.demoModeAppError)`
			`api.Router.POST("/documents/:document/delete", api.authWebAppMiddleware, api.demoModeAppError)`
			`api.Router.POST("/documents/:document/edit", api.authWebAppMiddleware, api.demoModeAppError)`
			`api.Router.POST("/documents/:document/identify", api.authWebAppMiddleware, api.demoModeAppError)`
			`api.Router.POST("/settings", api.authWebAppMiddleware, api.demoModeAppError)`
			`} else {`
			`api.Router.POST("/documents", api.authWebAppMiddleware, api.uploadNewDocument)`
			`api.Router.POST("/documents/:document/delete", api.authWebAppMiddleware, api.deleteDocument)`
			`api.Router.POST("/documents/:document/edit", api.authWebAppMiddleware, api.editDocument)`
			`api.Router.POST("/documents/:document/identify", api.authWebAppMiddleware, api.identifyDocument)`
			`api.Router.POST("/settings", api.authWebAppMiddleware, api.editSettings)`
			`}`
[add] search 2023-10-07 01:25:56 +00:00
[add] demo mode 2023-10-31 10:28:22 +00:00			`// Search Enabled Configuration`
[add] search 2023-10-07 01:25:56 +00:00			`if api.Config.SearchEnabled {`
			`api.Router.GET("/search", api.authWebAppMiddleware, api.createAppResourcesRoute("search"))`
			`api.Router.POST("/search", api.authWebAppMiddleware, api.saveNewDocument)`
			`}`
Initial Commit 2023-09-18 23:57:18 +00:00			`}`

			`func (api API) registerKOAPIRoutes(apiGroup gin.RouterGroup) {`
			`koGroup := apiGroup.Group("/ko")`

[add] demo mode 2023-10-31 10:28:22 +00:00			`// KO Sync Routes (WebApp Uses - Progress & Activity)`
[add] better error handling, [add] font selector, [add] tailwind generation 2023-10-25 23:52:01 +00:00			`koGroup.GET("/documents/:document/file", api.authKOMiddleware, api.downloadDocument)`
[add] demo mode 2023-10-31 10:28:22 +00:00			`koGroup.GET("/syncs/progress/:document", api.authKOMiddleware, api.getProgress)`
			`koGroup.GET("/users/auth", api.authKOMiddleware, api.authorizeUser)`
[add] opds catalog, [add] migrate to non-cgo sqlite driver 2023-10-05 23:56:19 +00:00			`koGroup.POST("/activity", api.authKOMiddleware, api.addActivities)`
			`koGroup.POST("/syncs/activity", api.authKOMiddleware, api.checkActivitySync)`
[add] demo mode 2023-10-31 10:28:22 +00:00			`koGroup.POST("/users/create", api.createUser)`
			`koGroup.PUT("/syncs/progress", api.authKOMiddleware, api.setProgress)`

			`// Demo Mode Enabled Configuration`
			`if api.Config.DemoMode {`
			`koGroup.POST("/documents", api.authKOMiddleware, api.demoModeJSONError)`
			`koGroup.POST("/syncs/documents", api.authKOMiddleware, api.demoModeJSONError)`
			`koGroup.PUT("/documents/:document/file", api.authKOMiddleware, api.demoModeJSONError)`
			`} else {`
			`koGroup.POST("/documents", api.authKOMiddleware, api.addDocuments)`
			`koGroup.POST("/syncs/documents", api.authKOMiddleware, api.checkDocumentsSync)`
			`koGroup.PUT("/documents/:document/file", api.authKOMiddleware, api.uploadExistingDocument)`
			`}`
[add] opds catalog, [add] migrate to non-cgo sqlite driver 2023-10-05 23:56:19 +00:00			`}`

			`func (api API) registerOPDSRoutes(apiGroup gin.RouterGroup) {`
			`opdsGroup := apiGroup.Group("/opds")`

[add] demo mode 2023-10-31 10:28:22 +00:00			`// OPDS Routes`
[add] opds search, [fix] opds urls, [add] log level env var 2023-11-25 23:38:18 +00:00			`opdsGroup.GET("", api.authOPDSMiddleware, api.opdsEntry)`
			`opdsGroup.GET("/", api.authOPDSMiddleware, api.opdsEntry)`
			`opdsGroup.GET("/search.xml", api.authOPDSMiddleware, api.opdsSearchDescription)`
			`opdsGroup.GET("/documents", api.authOPDSMiddleware, api.opdsDocuments)`
[add] opds catalog, [add] migrate to non-cgo sqlite driver 2023-10-05 23:56:19 +00:00			`opdsGroup.GET("/documents/:document/cover", api.authOPDSMiddleware, api.getDocumentCover)`
[add] demo mode 2023-10-31 10:28:22 +00:00			`opdsGroup.GET("/documents/:document/file", api.authOPDSMiddleware, api.downloadDocument)`
Initial Commit 2023-09-18 23:57:18 +00:00			`}`

			`func generateToken(n int) ([]byte, error) {`
			`b := make([]byte, n)`
			`_, err := rand.Read(b)`
			`if err != nil {`
			`return nil, err`
			`}`
			`return b, nil`
			`}`